DragonForce attacks Västblekinge Miljö AB

Incident Date:

April 9, 2024

World map



DragonForce attacks Västblekinge Miljö AB


Västblekinge Miljö AB




Mörrum, Sweden

, Sweden

First Reported

April 9, 2024

DragonForce Ransomware Gang Targets Västblekinge Miljö AB

The DragonForce ransomware gang has added Västblekinge Miljö AB to its list of victims, although no other details are available. Västblekinge Miljö AB is a waste management company that provides garbage collection, recycling, bulk waste, and solid waste services. Its task is to coordinate waste management across three municipalities in Sweden.

About DragonForce

DragonForce, also known as DragonLeaks is a new ransomware operation that first appeared on the scene in early December 2023. As of mid-January, not much is known about this ransomware or the group responsible for creating and disseminating it. The gang has a dark web data leak site that is also known as DragonLeaks. It claims to encrypt victim systems and exfiltrate data. Therefore, they are categorized as a crypto-ransomware and data broker group. They have also been known to take part in direct and double extortion attacks, and if the victims fail to pay, then they release the data for free (Free Data Leaks).

Origins and Operations

Researchers believe the gang is a hacktivist group out of Malaysia. It has claimed several high-profile attacks to date, but is too young for investigative agencies to have a clear understanding about its systems, structures, tactics, or history.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.